
Thread: Forget repairing virus infected systems, says MS security manager

  1. #11
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ahhh... I see... Quite the wild one...

    But you want security.... It doesn't gel... Be wild or be secure... You can't really have both at the same time...
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  2. #12
    Dissident 4dm1n brokencrow
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Be wild or be secure? Travel light, and you have the burden of neither.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  3. #13
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    That would be a philosophical discussion that doesn't deserve to be discussed here....

    But I do believe you might be misled....

    No... I know you are...
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  4. #14
    Dissident 4dm1n brokencrow
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Misled? Moi?

    Nah, we just got different pieces to the puzzle. Philosophy's part of that. Engineering, too. And experience.

    Rumi once said there's a field out there, beyond right and wrong. I'll meet you there.

    “Everybody is ignorant, only on different subjects.” — Will Rogers

  5. #15
    Senior Member
    Join Date
    Dec 2003
    Location
    Texas
    Posts
    164
    1. The regular computer users aren't very smart about computers, nor do they have the time like we do to learn about computers.
    2. Most people want an easy solution they can implement and not bother with the technical aspects. Whenever I have a customer I educate them as much as possible, because if I take the time to explain things they are gonna know they can come to me later. They are going to go, "Hey, this guy actually took the time to explain this to me; now I have someone I can come to with a problem and he will actually explain things to me, not make me look stupid." The normal everyday computer user is going to take you seriously rather than try to solve it on his or her own. The end result of that last sentence is more people with secure systems.

    What I wrote above comes from lots of trial and error dealing with customers. A computer is like a car: you have to maintain it. Security, antivirus updates, and backing up come under that category. It's easy to just say they are stupid, but keep in mind that there are things they may be smart in that you aren't. Everyone has different talents; it's just a matter of recognizing them and structuring what you are teaching within what they know so it's easy to understand. I understand this topic isn't a philosophical discussion, but it is relevant to what we are talking about.

  6. #16
    Senior Member nihil
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hot Damn!

    I am actually going to have to agree with HTRegz here.

    If something gets past an AV then the AV has failed. "Cleaning" is an option you might consider for a home computer or if you are certain that you fully understand the nature of the attack (like it is a very simple malware). In a commercial environment this really isn't much of an option, in fact the restore approach is often the quickest as well as the safest.

    I am speaking based on my last 15 years' experience... this is what happens in the real world of "enterprises".

    It is also very common in the home PC support environment... recover important data and scan it, then do a reformat and reinstall. The customer is not going to pay the price of a new PC to have you do anything different?

    OK, stupid marketing/adware stuff can be removed IMO, but as soon as a machine has been "owned" you really have no choice other than to reformat and reinstall.

    Personally I do not "blame" Microsoft, as I have used their products for years and have only ever been infected once... it was the "Stoned" virus and I had to use something on a 5.25" floppy to get rid of it... I still have the PC... it has a 10Mb HDD... and I still have the virus on a 5.25" floppy.

    Just my £0.02

  7. #17
    Senior Member ShippMA
    Join Date
    Oct 2002
    Posts
    165
    Just to add,

    I remember at Uni, they had set all the labs to take a fresh image off the server EVERY time a machine was turned on!!!

    This had positives and negatives. The positives are that no matter what we did to the PC we knew all we had to do was turn it off and on to have a fully working system again. They allowed nearly full privileges to the machine, as again, as soon as it was reset it was taking a new image. Lastly, it meant that they had almost no requirement for tech support.

    The negatives were that if the machine crashed at all and you HAD to reset it, you could either wait 20 min for the image to finish, or move PCs. The latter was not always an option in a packed lab... Additionally, there must have been a lot more wear and tear on certain components because of that policy, and it meant that they ALWAYS left all the PCs on, even though the lab was closed from 10 at night until 8 in the morning, causing a bigger electricity bill.

    I can definitely see the advantages of having a server image to install in case of infection if you're a company, and I can also see the point of attempting a clean if you're a home user.
    www.simpleits.co.uk
    www.tazforum.**********.com
    Google is god ....... of the Internet

  8. #18
    Originally posted here by ShippMA:
    I remember at Uni, they had set all the labs to take a fresh image off the server EVERY time a machine was turned on!!!
    They do this at my school (the name of the program escapes me, I think it's like "Deep Freeze" or something). I don't think they re-image that often, but definitely once a week.

    -back on topic-

    Part of the problem is the fact that MS makes their products so easy to use (and obtain) that anyone can pick up some $400 eMachines PC running XP Home from Best Buy, then go to some sketchy site, get a virus, then let the virus go to town.

    People feel that they are invincible on the internet, that they're invisible and what they do can't come back to bite them.

  9. #19
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    I agree with the MS Security officer, relating to rootkits and potent malware infections.
    Reinstalling and not simply cleaning.

    That being said, I've rarely reinstalled until the malware infections are 800 or over, sometimes more, but it depends on the type of infections and the way the computer operates. I know a local repair shop that encountered a record infection of multiple thousands in one machine!

    I never was the type to reinstall on a virus infection, which gave me great experience in cleaning them (sometimes by hand using a disk editor; that was the Monkey virus, among others).
    Don't remember a client ever complaining about my work, though.

    If I was an Enterprise System Admin, I would definitely be concerned with "all of the above"!!
    In an enterprise, things have a way of going from little to big in "no time at all" and that can affect a lot of people.

    Anyways, I have no idea where I was going with this post.


    In an effort to at least give some value to this post, I make the following suggestion for Windows users (but not dual booters or partition manager bootups):

    Get to know and use the MS Shared Computer toolkit.

    The way I have it setup, anything (bad installs, malware, whatever) can infect my C: drive and I simply reboot and it's all gone.

    My programs return to normal on C:, my data files, application data folder and My Documents stay updated on D: and I have the Shared toolkit unpartitioned space splitting both primary partitions.
    If you are confused, read up on MS Shared Computer toolkit.

    I've used Goback (successfully for years), Deep Freeze for about a week and some other programs of this nature, I find the toolkit much better than any of them.

    Oh....don't forget to make off-site backups of your important files, in case the hard drive/computer takes a nose dive.
    ZT3000
    Beta tester of "0"s and "1"s

  10. #20
    Dissident 4dm1n brokencrow
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Sorry I didn't get to post this sooner. Busy, busy!

    HT, your point about using Ghost is well taken (I've used it for years), but I have yet to see anyone I've ever worked for in a home/SOHO environment have a Ghost image of their HDD. Many of these folks aren't even doing backups. Yeah, I can hear you now: they're idiots.

    Typically, this is what I run into:

    1) First hour spent running ass't scans and rooting through the HDD looking for rogue files. I always run Spybot or Ad-Aware concurrently with an online AV scan. In this time, I'll also run CCleaner concurrently, cleaning out the temp files. At the end of this first hour, I'm usually able to determine whether the install is salvageable or not. (1 hour)

    2) If I've got to reinstall Windows, the client will often have me back up their data, which I usually do using a USB drive and Knoppix. This can take a long time, sometimes going overnight, which means two visits onsite. (1-8 hours)

    3) Reinstalling Windows itself from scratch only takes an hour, unless there are driver issues. Then there's a series of Windows updates, which can run from an hour to two or three (depending on whether I've got SPs to install).

    4) Once Windows is in, the computer needs to be secured with an AV app and some antispyware stuff. And those need to be updated. And Firefox needs to go in. Add another hour.

    5) THEN, then I've got to get their apps back in, update those, and properly restore the user's data. Throw in another two or three hours.

    These are often environments without servers. It's not unusual for my time on a protracted job to go a half day or even all day. So my first option is cleaning things out, not FNRs (flatten and reload). But, hey, I can go either way. Unfortunately, my idiots seldom see the wisdom of preparing for disaster and investing in backups like Ghost, which by the way, isn't exactly cheap either.
    “Everybody is ignorant, only on different subjects.” — Will Rogers
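    In a flatten-and-reload job like the one described in steps 2 and 5 above, the data copied off the infected machine from the live CD is the only copy the client has until the restore is done, so it is worth recording exactly what was copied and proving later that the restored files are the same bytes. The script below is an added example written for this thread, not code from any poster or from Knoppix itself. It assumes a POSIX shell with find, cp and sha256sum (GNU coreutils); the source and destination paths are placeholders supplied by whoever runs it.

```shell
#!/bin/sh
# Added example (not from the thread): copy a user's data directory to a
# backup location, write a SHA-256 manifest next to it, and verify the copy
# against that manifest. Assumes POSIX sh, find, cp and sha256sum (GNU
# coreutils). Source/destination paths are whatever the caller passes in.
set -eu

# backup_with_manifest SRC DEST
# Copies the contents of SRC into DEST/data and writes DEST/MANIFEST.sha256
# with one line per regular file (paths relative to SRC, sorted so two runs
# over the same tree produce an identical manifest). Prints the file count.
backup_with_manifest() {
    src=$1
    dest=$2
    mkdir -p "$dest/data"
    # -p keeps timestamps/permissions; the trailing /. copies SRC's contents
    # rather than nesting SRC itself under data/
    cp -pR "$src/." "$dest/data/"
    ( cd "$dest/data" && find . -type f -print | LC_ALL=C sort |
        while IFS= read -r f; do sha256sum "$f"; done ) > "$dest/MANIFEST.sha256"
    # File count lets the caller sanity-check the copy against expectations
    wc -l < "$dest/MANIFEST.sha256" | tr -d ' '
}

# verify_manifest DEST
# Re-hashes every file listed in DEST/MANIFEST.sha256 from DEST/data.
# Returns 0 only if every file is present and unchanged; run it right after
# the copy and again after the data is restored to the rebuilt machine.
verify_manifest() {
    dest=$1
    ( cd "$dest/data" && sha256sum -c "../MANIFEST.sha256" >/dev/null 2>&1 )
}

# Usage (placeholder paths): sh backup_manifest.sh /mnt/victim/Documents /mnt/usb/client-backup
if [ "$#" -eq 2 ]; then
    count=$(backup_with_manifest "$1" "$2")
    echo "recorded $count files in $2/MANIFEST.sha256"
    if verify_manifest "$2"; then
        echo "backup verified"
    else
        echo "verification FAILED" >&2
        exit 1
    fi
fi
```

    The manifest is the thing to keep: it travels with the backup, it lets you scan the copied files on a clean machine and re-check them after the reinstall, and any file that was changed or dropped during the restore shows up as a failed line from sha256sum -c instead of being discovered by the client weeks later.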
